key question

Paul Richard Ramer free10pro at gmail.com
Mon Mar 15 08:54:03 CET 2010 

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

On Sat, 13 Mar 2010 20:05:21 +0000 MFPA wrote:
>> And by the way, I apply this rule to me.
> 
> Which rule? You've already stated that you don't believe the holder
> should upload the key if the originator doesn't want, so presumably
> you mean that you would tell somebody if you didn't want them to pass
> on or upload a key you created?

Scrap that sentence that you quoted.  Below is what I said before that
sentence, and these paragraphs below are what I believe.  And I govern
me by what I believe.

/I think the key holder has the ethical and lawful rights to use and
distribute the key if the key's originator doesn't forbid him.  If the
key holder is forbidden, he has the lawful right, but not an ethical right.

But the key holder shouldn't have to ask the originator what he may do
with the key.  The key holder should, by default, have freedom.  But if
the originator doesn't want his key disseminated, he should say so./

>> Each of those e-mail addresses on my keys are ones that
>> were already associated with my real name.  I had given
>> each of those addresses to family, friends, associates,
>> businesses, or a combination of them.  Not one of those
>> accounts had given me any anonymity, and each had been
>> shared outside of people I knew personally.
> 
>> By uploading a key with those addresses on it, does
>> that mean I gave up privacy that I already had?  No.
> 
> It looks to me as if the answer is "yes." Unless each person who had
> one of your email addresses already knew the other addresses before
> seeing them on your key, they now have extra information about you.
> And the addresses have jumped from "shared outside of people [you]
> knew personally" to published in a universally-accessible location.
> However minor/negligible or unimportant you may consider it, that's a
> reduction in privacy.
> 
> 
>> I only made it possible for people to now communicate with me with
>> more privacy than they could have had before.
> 
> And probably shared more of your email addresses with each person than
> they had before.

If you knew more about how I shared those e-mail addresses, you might
conclude differently.  I think that I disclosed less than you may have
gotten the impression that I did, since those addresses were never
private information.

> Horses for courses, as they say. I know several people who give a
> unique email address to each contact. In their situation, it would be
> inappropriate to publish (or even circulate) a key containing all
> their email addresses, unless the addresses could be hashed in the
> UIDs.

Personally, I prefer to give an e-mail address, and then filter
messages based upon the sender.  But that is my preference.  I don't
believe it is The One True Way. :-)

>> We all want an amount of anonymity and privacy.  But we
>> each want a different level of it.
> 
> For some people, that amount could effectively be "none" judging by
> their profile and postings on the likes of Facebook.

Unfortunately, yes. :-\  Thank God that I never chose to do such
foolishness.  Although technically I have an account on one of the
social networking sites, it contains nothing more than a name and is
only minimally used for affairs concerning other people. :-|

>> If in the future I want to go underground with a
>> pseudonymous identity, then I will create a PGP key
>> specifically for it.
> 
> And in that eventuality, do you see the attraction of optionally
> hashing email addresses and names in UIDs, so that somebody who
> knows your email address can find your key but somebody who
> inspects your key gains no information about you from it?

Probably not.  I might consider it, though.  I would most likely create
a UID like your's--pseudonym and nothing more.  Then use the key with
e-mail accounts that would never have information about my real identity.

This doesn't mean that the hashed UIDs idea couldn't be good for someone
else.

>> They prefer anonymity.
> 
> Or using a pseudonym, which is not the same thing as anonymity.

Anything that connects two or more messages together, whether it be a
key ID, pseudonym, or secret pass phrase or sign, is less than perfect
anonymity.  Even speech patterns will give less than perfect anonymity.

Perfect anonymity is difficult, if not impossible, to achieve.  It can
also be impractical, e.g. if I don't have a way of knowing that I am
communicating with the same person each time, how can I know that I am
not talking to an enemy.

If I am to have multiple communications with an anonymous entity, I have
to know that the last anonymous entity and the one that I am talking to
now are the same.  There has to be something identifying.  It doesn't
matter what it is, but it must be there.  Would I risk sharing secret
information with the wrong person?

Perfect anonymity is like perfect privacy.  They are both impossible to
have if we are to live our lives while having relationships and
associations.

Perfect privacy means not knowing anyone or seeing anyone.  Because once
someone has seen you, learned information about you, or seen where you
have gone, you have lost some privacy.  You no longer have perfect privacy.

In fact, just by posting to this mailing list we have given up some
privacy or anonymity.  The nature of the way we write, what we think,
the experiences that we relate--all of these reveal something about
ourselves.

None of this is to say that we shouldn't have privacy or anonymity.  It
is just that we should realize that we need to balance our need for
privacy and anonymity with the needs and desires of the way that we want
to live.

Similarly, perfect anonymity will fail once someone can connect multiple
messages or activities to an identity (whether or not that
identity is a pseudonym, real name, or something else).

My needs or desires may be different from your needs and desires.  And
our needs and desires may be different than John Doe's needs and
desires.  It doesn't, by necessity, make any of us better than the others.

>> I like anonymity, and I want it for most of my use of
>> the Internet. But when I post to this mailing list or
>> use those e-mail accounts listed on my public keys, I
>> want to associate them with my real identity.
>
> Mine varies between fairly random usernames, MFPA if the site doesn't
> insist on something longer, and just a couple of things where I use my
> real name.

I too avoid using my real name for most things.  I only use my real name
when I want it associated with whatever the item is or if, for some
reason, a real name is required of me.

>>> I believe anybody with my details should be able to
>>> fetch my key from a server, but looking at my key
>>> should give them no extra personal information about
>>> me.
> 
>> Private dissemination within a public venue.
> 
> I don't know why, but that simple phrase suggests to me that you think
> it would be a bad thing.

No, I think that it is fine.  Probably the reason that sentence comes
off the way it does is that I previously inferred that you wanted a
"keyserver that you can upload publicly and download privately", and I
felt that your answer to that question skirted around saying "yes".

But truly, it is private dissemination within a public venue.  Nothing
is wrong with that, but it is different than what the keyservers are
currently for, which is public dissemination.

I can see how some people, such as yourself, would like to have such a
system.  But it shouldn't be touted as The One True Way any more than
the current system.

>> /My way is true and holy.  Follow in my foot steps./
> 
> That's similar to my impression of the statement I was challenging.

I don't like anyone telling me that something *must* be done a certain
way; when in reality, it was just their preference.

>> I think that you are wrong, because you seem to insist
>> that others must do as you do. It would be equally
>> wrong for me to insist that others must do as I do.
> 
> Have I "insisted on" anything beyond the basic courtesy of obtaining
> consent before passing on other people's personal information?

- From reading all of the posts by you to this thread, I would infer that
you been, at least somewhat, projecting your goals and needs and desires
onto whoever the user is.  It is a subtlety to your posts.

I imagine that you will tell me that I am a fruit cake, but I could
waste my words on a whole post to demonstrate this subtlety.

As for the rest of the issues, everyone has different goals and needs.
It would be foolish for us to assume what is best for all users.  There
is no One True Way and no one-size-fits-all.


- -Paul

- --
"Plagiarism is the greatest form of flattery." --self

+---------------------------------------------------------------------+
| PGP Key ID: 0x3DB6D884                                              |
| PGP Fingerprint: EBA7 88B3 6D98 2D4A E045  A9F7 C7C6 6ADF 3DB6 D884 |
+---------------------------------------------------------------------+
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.10 (GNU/Linux)

iQGcBAEBCAAGBQJLnedqAAoJEJhBiuhgbQLISpwL/jwWQa421CrF/MHWdtjfHxs8
Bxfqic0JgcVTLiy+1X7JaGdtgytXafSjW1EVj8cpA1zOVyDnxPRjO7kLwGxm6GcL
tXHD/FKT3lecZveVNC7ioWITFuXJgkpVk5AaC9KyGJ69TmpovgOMRugvqVxgAtjq
flPALiBMU5apvzMVmuQKuTlRXoNmUn8gvJ2fnaU8uge8Yut2e6DVX/32Tj92jNAq
CsjWKzlwJSgDb5fHlupsURuFQXl6RzwngA6G0fvEX4NOMYVn9wGE6oveYzQ6aUdH
tG+0QjzKS9J3vqnhnjziJ8JK3D5CURdcW9r+UBLTairoQGERneBAoL7G9+fcEfjM
am7OgNUxOA5cvW03hmz3dBQM3XC/03FYR2z2vpPFwjy2U+D0r2UcudLvrG738MgZ
GQGdBOZ8iIs9VqggUVTDz9c6JZ9/zItxcudu6zd975H1Op1nwhI8Xy4v9Mn+MMm6
3LSn4jcx45Ai147ZnDG0JPfdsS3MECbkFdFCQnc3SQ==
=WrIX
-----END PGP SIGNATURE-----

More information about the Gnupg-users mailing list